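/// <summary>
/// Registers a new account: rejects missing credentials and usernames that
/// are already present, derives a salted password hash, and persists the
/// new <c>Account</c> row.
/// </summary>
/// <param name="fnUsername">Username to register; compared against <c>Account.FNUsername</c>.</param>
/// <param name="email">E-mail address stored on the account (not validated here).</param>
/// <param name="password">Plain-text password; only its salted hash is stored.</param>
/// <returns>
/// A <c>Status</c> whose flag is <c>true</c> with message "success" when the
/// account was saved, otherwise <c>false</c> with a message describing the failure.
/// </returns>
public Status CreateAccount(string fnUsername, string email, string password)
{
    // Refuse blank credentials so an account can never be created with an
    // empty password or an unusable username.
    if (string.IsNullOrWhiteSpace(fnUsername) || string.IsNullOrEmpty(password))
    {
        return new Status(false, "Username and password are required");
    }

    // Existence check only: Any() lets the provider stop at the first match
    // instead of counting every matching row.
    // NOTE(review): this check and the insert below are not atomic; a unique
    // constraint on the username column is what actually prevents duplicates
    // under concurrent requests - confirm the schema enforces one.
    bool usernameTaken = _accContext.Accounts.Any(u => u.FNUsername == fnUsername);
    if (usernameTaken)
    {
        return new Status(false, "Username is already taken");
    }

    // Hash the password with a fresh per-account salt.
    // NOTE(review): confirm HashingService uses a cryptographic RNG for the salt
    // and a slow password KDF (PBKDF2/Argon2/bcrypt) rather than a single fast hash.
    HashingService hs = new HashingService();
    byte[] salt = hs.GenerateSalt();
    byte[] hash = hs.GenerateHashWithSalt(salt, password);

    var newAcc = new Account(fnUsername, email, hash, salt);

    try
    {
        _accContext.Accounts.Add(newAcc);
        _accContext.SaveChanges();
    }
    catch (Exception e)
    {
        // NOTE(review): e.Message can carry database/schema details. If this
        // Status is returned to the client, log the exception server-side and
        // return a generic message instead.
        return new Status(false, "Failed to create Account: " + e.Message);
    }

    return new Status(true, "success");
}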
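/// <summary>
/// Verifies a username/password pair and, on success, marks the account as
/// logged in and persists that flag.
/// </summary>
/// <param name="fnUsername">Username passed to <c>Accounts.Find</c> as the key value.</param>
/// <param name="password">Plain-text password to verify against the stored salted hash.</param>
/// <returns>
/// A <c>Status</c> whose flag is <c>true</c> with message "success" when the
/// credentials match, otherwise <c>false</c> with the failure reason.
/// </returns>
public Status Login(string fnUsername, string password)
{
    // Find() looks the entity up by key value.
    // NOTE(review): presumably FNUsername is the primary key of Account - confirm.
    var acc = _accContext.Accounts.Find(fnUsername);
    if (acc == null)
    {
        // NOTE(review): this message differs from the wrong-password one below,
        // so a caller can tell which usernames exist. If Status reaches the
        // client, consider one generic "invalid credentials" message for both.
        return new Status(false, "Username does not exist");
    }

    // Recompute the hash using the salt stored with the account.
    HashingService hs = new HashingService();
    byte[] hash = hs.GenerateHashWithSalt(acc.Salt, password);

    // Compare the hash contents. Using != on two byte[] values compares
    // references, which never match for a freshly computed array, so every
    // login would be rejected.
    if (!PasswordHashesMatch(acc.PasswordHash, hash))
    {
        return new Status(false, "Password was incorrect");
    }

    // Persist only the LoggedIn flag.
    acc.LoggedIn = true;
    _accContext.Accounts.Attach(acc);
    _accContext.Entry(acc).Property(x => x.LoggedIn).IsModified = true;
    _accContext.SaveChanges();

    return new Status(true, "success");
}

/// <summary>
/// Compares two hashes byte by byte without exiting early on the first
/// difference, so the time taken does not reveal how many leading bytes matched.
/// </summary>
/// <returns><c>true</c> only when both arrays are non-null, equal in length and identical in content.</returns>
private static bool PasswordHashesMatch(byte[] expected, byte[] actual)
{
    if (expected == null || actual == null || expected.Length != actual.Length)
    {
        return false;
    }

    int diff = 0;
    for (int i = 0; i < expected.Length; i++)
    {
        // Accumulate differences instead of returning at the first mismatch.
        diff |= expected[i] ^ actual[i];
    }

    return diff == 0;
}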